On 16/02/2012 14:35, Scappatura Rocco wrote:
I would like that sender domain names for which is not configured any
MX record are not relayed from my MTA.
Why?
MX records are not required for receiving mail. Nor are they required
for sending mail. So there is no reason to reject mail which lacks them.
Also, a lot of entirely legitimate messages will have the sender domain
set to something like 'mail.example.com', but there will only be MX
records for 'example.com'. Rejecting on lack of senderMX will,
therefore, cause you to lose all of these.
I saw also the restriction 'reject_unverified_sender' that it could
be worth. Could some one explain me better the difference between the
two restrictions?
'reject_unverified_sender' uses sender address verification (SAV) to
attempt to check that the sending address will itself receive mail. This
is not a reliable check, since some servers won't reject at RCPT TO time
but instead defer rejection until the end of the DATA phase. Also,
excessive use of SAV is itself considered abusive (since it's a form of
backscatter), and will get your mail server blocked by many other mail
servers (including Hotmail).
If you are considering using sender verification, you should read the
online documentation and only use it if you fully understand what you
are doing and the potential consequences:
http://www.postfix.org/ADDRESS_VERIFICATION_README.html and
Mark
--
Sent from my Babbage Difference Engine 2
http://mark.goodge.co.uk
